Lucene search
K

315 matches found

CNVD
CNVD
added 2016/02/02 12:0 a.m.4 views

Mozilla Firefox Denial of Service Vulnerability (CNVD-2016-00847)

Mozilla Firefox on Android is an open source web browser for the Android platform. The 'MoofParser::Metadata' function in the binding/MoofParser.cpp file in the Mozilla Firefox libstagefright library fails to limit the size of the result of a read operation, allowing remote attackers to conduct...

10CVSS8.7AI score0.05645EPSS
Exploits0References1
OSV
OSV
added 2016/01/31 6:59 p.m.7 views

CVE-2016-1948

Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modifying the client-server data stream...

5.3CVSS5.8AI score0.00452EPSS
Exploits0References4
OSV
OSV
added 2016/01/31 6:59 p.m.2 views

CVE-2016-1943

Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method...

4.7CVSS7.4AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2016/01/31 6:59 p.m.28 views

CVE-2016-1948

Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modifying the client-server data stream...

5.3CVSS6.5AI score0.00452EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/12/07 12:0 a.m.17 views

Mozilla Firefox for Android < 41.0 Unknown Protocol Pasted URL Handling Spoofing

Binary data 9017.prm...

4.3CVSS9.7AI score0.01842EPSS
Exploits0References3
Cvelist
Cvelist
added 2015/05/14 10:0 a.m.20 views

CVE-2015-2714

Mozilla Firefox before 38.0 on Android does not properly restrict writing URL data to the Android logging system, which allows attackers to obtain sensitive information via a crafted application that has a required permission for reading a log, as demonstrated by the READLOGS permission for the...

8.7AI score0.0033EPSS
Exploits0References5
CNVD
CNVD
added 2015/04/07 12:0 a.m.3 views

Mozilla Firefox for Android DNS Spoofing Vulnerability

Mozilla Firefox is a popular web browser, and Google Android is a Linux-based open source operating system used mainly in portable devices. A security vulnerability exists in Mozilla Firefox for Android DNS resolution, as the PRNG implementation in DNS resolver fails to correctly use time and PID...

7.8CVSS6.4AI score0.01736EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2014/09/03 10:55 a.m.32 views

CVE-2014-1566

Mozilla Firefox before 31.1 on Android does not properly restrict copying of local files onto the SD card during processing of file: URLs, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application. NOTE: this vulnerability exists because o...

4.3CVSS6.4AI score0.01177EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/03/26 12:0 a.m.28 views

Mozilla Firefox for Android < 28.0 Multiple Vulnerabilities

Binary data 8174.prm...

6.4CVSS9.8AI score0.02344EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2014/03/19 10:55 a.m.40 views

CVE-2014-1501

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection...

5.8CVSS6AI score0.01568EPSS
Exploits0References2
Cvelist
Cvelist
added 2013/09/18 10:0 a.m.36 views

CVE-2013-1727

Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting XSS attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file...

5.7AI score0.05189EPSS
Exploits2References5
UbuntuCve
UbuntuCve
added 2013/04/03 11:56 a.m.31 views

CVE-2013-0790

Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows remote attackers to cause a denial of service stack memory corruption and application crash or possibly execute arbitrary code via unknown vectors involving a plug-in...

10CVSS6.1AI score0.04199EPSS
Exploits0References2
Cvelist
Cvelist
added 2013/04/03 10:0 a.m.24 views

CVE-2013-0798

Mozilla Firefox before 20.0 on Android uses world-writable and world-readable permissions for the apptmp installation directory in the local filesystem, which allows attackers to modify add-ons before installation via an application that leverages the time window during which apptmp is used...

5.9AI score0.00994EPSS
Exploits0References3
Cvelist
Cvelist
added 2012/08/29 10:0 a.m.33 views

CVE-2012-3979

Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the androidlogprint function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function...

7.2AI score0.01884EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2012/08/29 12:0 a.m.4 views

PT-2012-5107 · Mozilla +1 · Firefox +1

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 15.0 on Android Description: The issue is related to the improper implementation of unspecified callers of the android log print function in Mozilla Firefox on Android. This allows remote attackers to execute...

6.8CVSS7.8AI score0.01884EPSS
Exploits1References6
Rows per page
Query Builder